Option to hide IP addresses from moderators

Over the years there’s been some requests for hiding user emails from moderators and that’s been addressed with the moderators view emails setting — thank you!

Usually these requests come from privacy concerns (eg: GDPR, specially in the context non-paid volunteers), compliance, etc.

Besides email addresses, there’s another piece of private information that remains visible today: IP addresses.

We are aware it could be hidden with CSS, but that’s a half-hack that doesn’t really protect private data and makes life for admins a bit harder since they can’t see it either.

Also, I know that one recommendation is to use TL4 instead and this is what we do at the moment. But, we would like to have these team members to have proper visibility into the health of the community (dashboard charts) and also help with the reviewing flagging which TL4 can’t do (not forum wide, just if they are category mods).

With the moderators view emails setting, the only thing that is stopping us from using proper moderators is that they still have access to IP addresses. While they are trusted members to do tasks like reviewing flags, the access to IP addresses requires too much overhead to do it (eg: signed contracts for GDPR compliance, training, etc).

Hence, our suggestion for a feature: a moderators view ip addresses setting, that would allow hiding IP addresses from moderators. These appear on user profiles (might be simpler to address), and also on the Logs section (perhaps a less trivial change).

I’m aware this is not not high priority and only affects particular scenarios such as ours. Nonetheless, I would like to leave this here for others who may have use for this to chime in too.

for a community, members’ IP addresses are very important privacy, even cannot do much with it, but most members do care about that a lot.

each forum may have several modulators for managing the topic/posts, but not all of them need the access to IP address, IP address access is only need for investigation in some cases.
it is no good to have all modulators access to IP address.

this is about privacy, hope team could consider this soon …
thanks…

My IP is 85.76.164.100

What will happen now? I’m just curious. Because I don’t know how any of moderators of forums I’m using can violate my privacy, even if they for some reason would want to.

Now we know you have an odd taste for music Käyttäjän 85.76.164.100 muokkaukset – Wikipedia

Its easy to know what you or your neighbors download from the internet with a ip adress

But yes it’s not a problem for me too

Yeah, Finnish music taste may be, and is, strange, but that was quite… extreme.

But seriously. I have two words: the biggest ISP in Finland and its NAT (well, perhaps few more than two). Meaning good luck trying to follow me or even find my address

That is one reason why I have troubles to see that as a security issue. But perhaps someone can this time explain it to me.

For me it doesn’t matter anything if there is setting to hide IP from moderators. But it will make theirs job a bit more difficult. Again, it doesn’t matter because changing or lying IP is totally trivial trick.

And… I kind of trust on the team, because they work with big corporates and nowadays those are quite strict with security. So if they don’t see visible IP for all staff as a security (leaking privacy is a security risk) risk, I believe them.

Well… no. Do you want to guess how many has exacly same IP than mine I know out there is still countries where that may be true, because I’ve heard rumours that somewhere is still landlines, faxes, cheques and — oh lord — even cash money, but…

I agree with you in some sense. usually, this is no big deal. However, many members feel uncomfortable with it. In some cases, it does raise privacy concerns. if someone could be located at city level, it is already no good for him/her… combining with info in their post, he/she might be identified…

Who told them that mods can see their IP? I guess that the problem arises out of the fact that someone decided to create paranoia around the IPs being exposed to the mods?

As mentioned in the OP, the reason for the request on this topic comes primarily from legal concerns/obligations.

Those that provide a service where the data is stored/used are responsible for keeping it secure and are legally liable for what happens to it. In the light of e.g. GDPR, in order to provide someone with moderator status (which currently still gives visibility into the users IP address), it can require a signed contract with each moderator, specifying what may or may not be done with it, perhaps training/documentation about GDPR, etc. All that can make sense at some scales/contexts, but there are also many scenarios where it becomes an unnecessary burden which I think could be simplified with a moderators view ip addresses setting like the already existing one for hiding email addresses from mods.

Lacking that, when giving someone moderator privileges, the service may be liable for not properly protecting the data. Note that IANAL, but this is my understanding of it.

Again. GDPR allows IP. There is absolut no reason to start fix something that is not broken.

And again. There is no legal concerns and oblications. It would be nice if such reason is told, because sure, countries are different. But GDPR is not one of those.

I can’t even understand how the internet would function if more than one person has the same address, there must be sub-I.P. address if the primary one is being shared?

We are off topic now, but for example this way:

But the main point is IP-addresses are quite rarely un-changeable and when those are it is practically impossible to use these to identify someone. IP scariness is from fax era.

I tend to disagree. At least the answer is not as clear cut and the European court of Justice has ruled that IP addresses might be considered personal data (https://cms.law/en/bgr/publication/does-the-ip-address-represent-personal-data).

Now what you do with that information is another question and I think one could argue that the IP address and geographical region might help moderators to judge if a message comes from a bot account, but I don’t find the OP’s request to hide IPs from moderators and only show them to admins unreasonable.

Well, it is the only question and the root purpose of GDPR.

I’m no expert about GDPR, but would say there certainly could be some legal concerns and/or obligations in general with I.P. address not necessarily from that but could be anything if someone his signed a contract that matters with laws.

With the Maxmind systems seems that can identify general region/country of address if it isn’t being masked, which is important even just knowing what country someone is located in or a citizen of is personal information.

MaxMind misses my location by 200 km. And

• USA 331,5 million
• Washington state 7,8 million
• Seattle metropolitan 3,6 million

So?

Some people don’t care, some people do care. It does raise privacy concern, esp. when combined with information from the posts of the members. Guess you could easily think of some examples…
Say, a professor, major, research, city. This could easily help find him/her on the web.

Understand some folks don’t mind sharing ip, ( maybe even address or name?) , while some others do have a valid concern.

This request is for a setting to be able to hide ip. Just an option, Not force to hide.

But if someone is scared about something isn’t valid reason to do something.

I agree, as I said earlier. I’m questioning reasons for that.

Haven’t been to Seattle for over six months, I live in a tiny town with less than 1,000 people short ways north of Seattle.

In general am guessing the main reason why this could be a helpful feature would be to protect members from potential harassment, which can be based on nationality or any number of other cultural biases.

I hear you saying I.P. address isn’t critical security information for Finland or likely many other countries, but for some it could be depending on the internet provider’s security methods.

This is an important statement thanks for writing that.

You miss the point. Needle in the haystack.